If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Hello Guest,Our records indicate that you have never posted to our site before! Why not make your first post today by saying hello to our community in our Introductions forum.

Please review the forums rules, start with your first post today and become an active part of petri.co.il forums now!

The "correct" way is to get a cheap router to be your ADSL gateway on say IP 192.168.1.1 and the "external" NIC of your SBS to be 192.168.1.2. Then the internal NIC of your SBS is (by default) 192.168.16.2 and your LAN clients are 192,168.16.x distributed by the DHCP on the SBS. SBS is also your DNS and BOTH NICS point to the 192.168.16.2 address for resolution which has your ISP DNS configured as Forwarders. Your LAN is configured with .<domain>.lan as the default DNS domain for AD
All this configuration is handled for you by the CEICW (Configure E-mail and Internet Connection Wizard) which handles your ISA configuration (template) also.

TIA

Steven Teiger [SBS-MVP(2003-2009)]http://www.wintra.co.il/
sigpicIím honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

We donít stop playing because we grow old, we grow old because we stop playing.

Comment

Thanks for your reply. What about it I want to handel this witout the CEICW, will it be possible? As the SBS Server Management CD I don't have it.

By the way, I having ADSL Connection with Dymanic IP Address.

But now, when I created the Domain, i have created by using the internel NIC which is having the 192.168.1.1/24 but now another NIC is installed for the ISA Propuse, no problem to chenge the IP Addressing right?

I mean, when i change the 192.168.1.1 To 192.168.16.2 nothing will happen?

Comment

Why not share your findings with us?
Well, that's good idea I'm gonna write a tutorial on how to install ISA 2004 with two NICs using one Single ADSL Line with Dymanic IP Address.

Actually and to be honest with you, I have done it after 5 times installation of ISA Server last night and i was working with it till 2:30 am just to get it done. And eventually, I have done using only SecureNAT.

Today, I will be completing the setup using F.W Client by installing them in all the clients using Unattended installation by Active Directoy GPO.

Or are you here just to take information, but when it comes to giving back you have better things to do?

The purpose of this forum is to exchange the knowledge that you, me and others knows between all the members over here. Not only taking the information and running away when the question rasied by someone else.

Just give me little bit time to be fully setup mine at home and then will prepare it and share it with you.

Comment

Why would you NOT want to use the CEICW? It ensures you are correctly protected and NOT an open mail realy etc. Furthermore, once you have run it, it saves a script which you can (re-)run as is or amend if you desire to make changes. It also provides you with certificates for remote working and mobile phones.
In short it provides you with all you need. Is it this factor that "real" sysadmins don't use wizards?

TIA

Steven Teiger [SBS-MVP(2003-2009)]http://www.wintra.co.il/
sigpicIím honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

We donít stop playing because we grow old, we grow old because we stop playing.

Comment

The script file is called config.vbs (or configx.vbs - where x is 1,2,3... on subsequent runs) and can be found in the C:\Program Files\Microsoft Windows Small Business Server\Networking\ICW directory.

TIA

Steven Teiger [SBS-MVP(2003-2009)]http://www.wintra.co.il/
sigpicIím honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

We donít stop playing because we grow old, we grow old because we stop playing.

Comment

Sound like you've got one horked up install there.
Either you get a local professional to help you out, or you allow someone like myself terminal server access.
Sorry to come across as commercial at this point, but, unless this is a machine for "playing" on, you need to get this machine into a usable state ASAP. And, hey, me and my pals have to make a living as well

TIA

Steven Teiger [SBS-MVP(2003-2009)]http://www.wintra.co.il/
sigpicIím honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

We donít stop playing because we grow old, we grow old because we stop playing.

Comment

well, i don't think that there is a much playing in the rules since the Outbound and Inbound Settings are correctly made.

The only thing now I'm facing is the joining the clients to the SBS Domain.

i have an Allow Rule for DNS from LocalHost to Internal and also from LocalHost to External.

By this rules i cannot join to domain any clients.

BUT,

i have a Rule that will Allow all Internal Outbound Traffic to LocalHost for all users, this rule will make me able to join the domain any clients.

Allowing all the Internal Outbound Traffic it is not a recommended practice becuase if there is an Internal Client is infected with a virus of anything it will allow to send it's broadcasting to the LocalHost which will be accepting to do so.

What i want to do is to Disable this rule which is Allowing all Outbound Traffic from Internal to LocalHost and creating the rules which will allow me to join the clients to the domain.

Can someone recommed which protocols i have to use in order to get Rid of this ?

Comment

I eventually relized that i wouldn't treat the SBS 2003 as a normal Server or DC. After getting the orginal 6 CDs from a friend of mine and installed it it works fine without it any problem in joing clients to domain by:
1. Adding the user, then automatically adding the computer name.
2. Going to clinet machine and access http://servername/connectcomputer it connects fine and the client joined into the SBS 2003 successfuly.

However, after installing ISA 2004 as a Edge Network using two NIC one from External and the other for internal, clients can access the internet using the Default Gateway as the Internal IP of the SBS 2003.

But I cannot access http://servername/connectcomputer to be able to connect the new client to SBS 2003 and also clients cannot get access to SBS 2003 Server to gain resources.

Moreover, when i try to access http://servername.domanname.com:80 it open successuly but i cannot click on Connect to Network. And I got an error message says that the IIS is Denied Access to this IP.

What are the defualt rules that must be in used ISA 2004 with SBS in order for SBS 2003 to function all the Services that SBS 2003 provides? like DNS, DHCP, ect.

Comment

Please!
Check if you have the ICW.EXE file in the:
C:\Program Files\Microsoft Windows Small Business Server\Networking\ICW
directory.
If you do and then answer the questions on route, you will have a safe, known configuration which will save you all these questions.
If you do not have this, try going back via Add/Remove programs and the SBS setup to uninstall/reinstall the Server Management and its components. If that still doesn't go, either re-install from scratch according to the instructions, or get a professional to help you.
I personally think you are wasting too much time on an installation that will cause you nothing but grief for the rest of its working life.
Sometimes, you have to know when to cut your losses.

TIA

Steven Teiger [SBS-MVP(2003-2009)]http://www.wintra.co.il/
sigpicIím honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

We donít stop playing because we grow old, we grow old because we stop playing.